jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
16,314 Commits 33 Branches 583 Tags
a865320e3af1deea2b05604d00a472dea6926018
Commit Graph

8644 Commits

Author SHA1 Message Date
Girish Ramakrishnan
9704eefc21 backupcleaner: do not remove the backup in progress 
the backup cleaner erroneously removes any "creating" state backups.
backups that are stuck are cleaned up elsewhere already (in the
backup retention logic with discardReason of "creating-too-long").
the missing backup logic is intended for any upstream lifecycle policies.
 2024-08-15 15:53:31 +02:00
Girish Ramakrishnan
52cd52d83c lint 2024-08-15 15:46:19 +02:00
Girish Ramakrishnan
4a29371907 s3: sometimes message is null and only code is valid 2024-08-13 07:08:33 +02:00
Girish Ramakrishnan
041f7da59b backups: make noop upload work again 2024-08-12 10:05:14 +02:00
Girish Ramakrishnan
7391af6f08 tail does not support doubledash it seems 2024-08-10 11:13:07 +02:00
Girish Ramakrishnan
8a640c8219 better app autoupdate logs 2024-08-10 11:04:17 +02:00
Girish Ramakrishnan
2ff995aa95 filemanager: do not respond again 2024-08-08 15:20:50 +02:00
Girish Ramakrishnan
21705a0e96 volumes: /mnt/volumes is reserved 2024-08-08 14:45:50 +02:00
Girish Ramakrishnan
c03da3be54 volumes: check provider instead of hostPath 2024-08-08 14:41:43 +02:00
Girish Ramakrishnan
69f48ed11a apps: do not log app logs to output 2024-08-07 15:51:04 +02:00
Johannes Zellner
caa0c342a4 sftp: restore mode and owner 2024-08-01 21:44:34 +02:00
Girish Ramakrishnan
b870f98ec2 proxy-middleware: no more a middleware 2024-07-30 13:34:41 +02:00
Girish Ramakrishnan
a5249102f2 proxy-middleware: just pass a string 2024-07-30 12:04:35 +02:00
Girish Ramakrishnan
5aa0c57a74 proxy-middleware: remove https and custom headers 2024-07-30 11:46:54 +02:00
Girish Ramakrishnan
053b076af0 proxy-middleware: remove via header and cookie support 2024-07-30 11:35:46 +02:00
Girish Ramakrishnan
247309e11b use constant 2024-07-30 11:00:50 +02:00
Girish Ramakrishnan
468d4dd9b0 ami: imdsv2 support 
https://aws.amazon.com/blogs/security/defense-in-depth-open-firewalls-reverse-proxies-ssrf-vulnerabilities-ec2-instance-metadata-service/

One has to get a token now via PUT. This is because there is a bunch of
open proxies out there which blindly forwarded everything to internal network
including metadata requests. They have found that PUT requests don't cleanly
proxy and also AWS rejects token requests with X-Forwarded-For.
 2024-07-27 14:48:42 +02:00
Johannes Zellner
6056ba6475 Another missing check for manifest.addons 2024-07-27 11:56:36 +02:00
Girish Ramakrishnan
d8aa4bc5e4 filemanager: fix sending of double header 
we should not proceed to notFoundHandler if proxy handled it just fine
 2024-07-26 11:58:41 +02:00
Girish Ramakrishnan
731295f708 system: simplify logic 2024-07-25 17:50:50 +02:00
Girish Ramakrishnan
9399040cd3 Fix log recursion 
shell.sudo logs output to stdout/stderr intentionally. It is not meant
for scripts that generate much output (basically scripts/* files).

core of the issue is that none of the log commands require to use sudo.
they can just use normal tail. only app logs requires sudo because of the
logPaths directive in the manifest.
 2024-07-25 17:48:58 +02:00
Girish Ramakrishnan
b6fbc46b58 Revert "Add option to not log shell subprocess stdout+stderr" 
This reverts commit 51bb2d2bc2.
 2024-07-25 11:53:56 +02:00
Johannes Zellner
51bb2d2bc2 Add option to not log shell subprocess stdout+stderr 
When tailing the box log file this leads to logline recursion
 2024-07-25 10:22:02 +02:00
Girish Ramakrishnan
7ebf5ca16a Bring back upload route to keep e2e happy 
let's maybe remove it in next release
 2024-07-23 08:28:44 +02:00
Girish Ramakrishnan
b26ff08a3c shell: copy over code and signal values from cp object 2024-07-22 21:24:27 +02:00
Girish Ramakrishnan
44678cf5f1 sshfs: if remote copy fails, fallback to sshfs based copy 
remote copy can file if there is no cp in the remote . for example,
if it was a windows server.
 2024-07-22 20:53:19 +02:00
Girish Ramakrishnan
5084ee761e update postgresql conf notes 2024-07-22 18:53:51 +02:00
Girish Ramakrishnan
91f50ae949 mysql: add template custom.cnf 2024-07-22 18:53:51 +02:00
Johannes Zellner
01945675ed Check if addons exists in database import 2024-07-22 16:45:13 +02:00
Johannes Zellner
185c16c3e2 remove apps upload api in favor of sftp container api 2024-07-22 16:20:15 +02:00
Girish Ramakrishnan
a09a3fd012 postgresql: add template custom.conf 2024-07-22 14:44:23 +02:00
Johannes Zellner
871fd83148 Use new sftp service image without multipart file upload 2024-07-22 13:29:56 +02:00
Girish Ramakrishnan
dd8bc493e7 postgresql: add custom.conf include 2024-07-22 12:50:23 +02:00
Girish Ramakrishnan
c85c0558b9 multipart: cleanup files after reading their contents 
one idea is just use express.raw() . however, we have to implement some
file size limit there.

one case this does not handle is aborted uploads from a box.service restart.
for this rare case, a server reboot will clean up /tmp anyway.
 2024-07-19 23:11:26 +02:00
Girish Ramakrishnan
7f11699fac remove urlencoded 
we don't use this in our API
 2024-07-19 22:44:22 +02:00
Girish Ramakrishnan
525e48ae59 json middleware is part of Express v4.16.0 2024-07-19 22:26:24 +02:00
Johannes Zellner
a6369a7dde Fix linter error 2024-07-19 22:24:34 +02:00
Girish Ramakrishnan
d5ea99603f backups: give is a low oomScoreAdjust to not get killed 2024-07-19 13:05:09 +02:00
Girish Ramakrishnan
083432cbfe test: add EnsureFileSizeStream test 2024-07-18 15:39:45 +02:00
Girish Ramakrishnan
dbbce4160d tgz: underflow/overflow proxy stream 
In tar, the entry header contains the file size. If we don't provide it those many bytes, the tar will become corrupt
Linux provides no guarantee of how many bytes can be read from a file. This is the case with sqlite and log files
which are accessed by other processes when tar is in action. This class handles overflow and underflow
 2024-07-18 15:13:38 +02:00
Girish Ramakrishnan
885aac69c5 tgz: handle addEntryToPack to error 2024-07-18 14:47:31 +02:00
Girish Ramakrishnan
b3c301fc2a lint 2024-07-18 13:31:29 +02:00
Girish Ramakrishnan
01deb4d285 update: updateConfig can be missing values, selectively update db 2024-07-17 08:58:43 +02:00
Girish Ramakrishnan
aeddaa4566 apps: rework portBindings 
ports is REST API input . Map of env var to the host port
portBinding is the database structure. Map of env var to host port, count, type etc

also, rename portCount -> count in various places to keep things consistent
 2024-07-17 00:25:47 +02:00
Girish Ramakrishnan
620c49cf76 Fix signature of checkForPortBindingsConflict 2024-07-16 19:31:54 +02:00
Girish Ramakrishnan
6d73dfdb40 parse port count as integer 2024-07-16 19:28:22 +02:00
Girish Ramakrishnan
9bf240d83b update: handle change in secondary domains and multiDomain flag 2024-07-16 10:32:31 +02:00
Girish Ramakrishnan
012f8bc14e setup: show message on how to redo setup 2024-07-15 21:08:13 +02:00
Girish Ramakrishnan
e9b6002f63 s3: fix exists check 2024-07-14 22:04:12 +02:00
Girish Ramakrishnan
07396c9824 Revert "support: add route to repair apps" 
This reverts commit 0bab0ed748.

It's better to somehow integrate this into the dashboard ...
 2024-07-12 14:22:47 +02:00